[Vorbis-dev] Use of alloca in vorbis_comment_add_tag
Robert Kausch
robert.kausch at freac.org
Mon Oct 12 12:04:59 PDT 2015

Dear Vorbis devs,

I'm Robert Kausch, author of fre:ac - free audio converter.

Please consider using _ogg_malloc/_ogg_free in place of alloca in
vorbis_comment_add_tag. alloca will cause undefined behaviour/crashing
when it causes a stack overflow, which can easily happen when adding
cover art in a METADATA_BLOCK_PICTURE comment.

I had a user trying to convert a FLAC file with a 2 MB embedded cover
art that caused a crash in vorbis_comment_add_tag.

Thanks and best regards,
Robert

PS @ list moderator: I sent a message before I joined the list a few days
ago, but it was ignored. The mail should still be in the moderation
queue; please disregard that one.

--
----
Robert Kausch
robert.kausch at freac.org
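
The change requested in the message above, sketched as an added example that is not part of the original message and is not libvorbis code: the "TAG=contents" string is built on the heap, so an oversized value produces a NULL return instead of exhausting the stack. The names build_tag_comment and tag_roundtrip_len are hypothetical, plain malloc/free stand in for _ogg_malloc/_ogg_free, and the 2 MB value is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not libvorbis code): build "TAG=contents" on the heap.
 * Returns NULL on size overflow or allocation failure; the caller frees it. */
char *build_tag_comment(const char *tag, const char *contents)
{
    size_t tag_len = strlen(tag);
    size_t val_len = strlen(contents);

    /* +2 for '=' and the terminating NUL; reject sizes that would wrap. */
    if (tag_len > SIZE_MAX - 2 || val_len > SIZE_MAX - 2 - tag_len)
        return NULL;

    char *comment = malloc(tag_len + val_len + 2);
    if (comment == NULL)
        return NULL;            /* a failure the caller can handle, unlike alloca */

    memcpy(comment, tag, tag_len);
    comment[tag_len] = '=';
    memcpy(comment + tag_len + 1, contents, val_len + 1); /* copies the NUL too */
    return comment;
}

/* Constructed input: a value of n bytes standing in for encoded cover art. */
size_t tag_roundtrip_len(size_t n)
{
    char *value = malloc(n + 1);
    if (value == NULL)
        return 0;
    memset(value, 'A', n);
    value[n] = '\0';

    char *comment = build_tag_comment("METADATA_BLOCK_PICTURE", value);
    size_t len = comment ? strlen(comment) : 0;
    free(comment);
    free(value);
    return len;
}

int main(void)
{
    /* 2 MB value, the cover art size reported in the message above. */
    printf("%zu\n", tag_roundtrip_len(2u * 1024 * 1024));
    return 0;
}
```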